Hello there,
Did anyone be able to implement a lockout policy in vsphere 4.1 ?
It used to be an easy task in 3.5 (esxcfg-auth --maxfailedlogins=3), where an account who tried 3 times to login with a bad password would be blocked.
Now this command is not supported in vsphere 4.1 anymore.
I also checked /etc/pam.d/system-auth and there's no line for pam_tally
at 3.5 it was there like:
account required /lib/security/pam_tally.so deny=5 reset no_magic_root
any help would me much appreciated.
thanks
Eduardo Meirelles
Looks like the same topic is discussed in http://communities.vmware.com/thread/258163
Hello,
gaspipe has the correct reference. Pam_tally is now the way to go.
Best regards,
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009, 2010
Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'[/url]
Also available 'VMWare ESX Server in the Enterprise'[/url]
Blogging: The Virtualization Practice[/url]|Blue Gears[/url]|TechTarget[/url]|Network World[/url]
Podcast: Virtualization Security Round Table Podcast[/url]|Twitter: Texiwll[/url]